ADVERTISEMENT

Think your company is too small to get hacked? Think again

Diverse group of business people working together at a small office discussing a new business plan
Pierluigi Paganini
Pierluigi Paganini Contributor
Mar 31, 2021 Updated: 28 September 2021 3 min read
While the news of massive cyberattacks against major organizations worldwide make the headlines on a daily basis, thousands of small and medium organizations are targeted by cybercriminals even more often.
A cyberattack can have a dramatic impact on small organizations - most of them go out of business within a few months of a security breach.

Most attacks on SMBs go unreported

Looking at the number of reported attacks, you might think that big companies are victims of more cyberattacks. This data is not correct.
ADVERTISEMENT

How to protect small business from cyberattacks?

  • Watch out for scam emails (phishing) and don’t open attachments or click on links included in unsolicited messages.
  • Update your software and operating systems
  • Use strong passphrases and don’t share them round.
  • Enable multi-factor authentication.
  • Back up your data and store it separately from the computer.
  • Definition of the processing operation and its context. In this phase, the organization assesses the data processed, systems involved, and their relevant context.
  • Understanding and evaluation of impact. In this phase, the business evaluates the potential impact of each risk on the operations of the organization, the rights and freedoms of individuals, and the data processing system.
  • Definition of possible threats and evaluation of the threat occurrence probability. In this phase, the organization analyses the threats related to the overall environment of personal data processing (external or internal) and assesses their likelihood (threat occurrence probability).
  • Evaluation of risk (combining threat occurrence probability and impact). In this phase, the business evaluates the risk by analyzing the impact of the personal data processing operation and the relevant threat occurrence probability.

More from CyberNews

ADVERTISEMENT